WAN Fiber to pfSense without ONT device



  • Hi all,

    Sorry for the noob question as I'm not a network expert…

    My local ISP provides me with a 100Mb/s connection via fiber connection.

    ISP Fiber cable goes inside my house then it goes to a ONT ( Blu-Castle BC-ONT1B ) that "converts" the fiber into RJ45.

    This RJ45 is connected to my pfSense WAN port with PPPoE authentication.

    So far so good.

    As I have some free SFP connectors in my pfSense box, I would like to "eliminate" the ONT and connect the fiber directly to my pfSense box.

    Is it possible to do that? Can someone point me in the right direction?

    kind regards



  • There might be some management stuff in that ONT.  You'll also need a SFP to match the fibre wavelength, duplex etc.  Also, it's likely the demarcation point, between you and the ISP.  I'd say you shouldn't be doing that.



  • Thanks for the reply!

    I believe it's easy to get SFP specs to match ONT's specs.

    From an educational point of view how is it possible to configure pfSense to act like this (or any other) ONT?



  • My local ISP provides me with a 100Mb/s connection via fiber connection.

    Internet only or together with VOIP or IPTV services?

    ISP Fiber cable goes inside my house then it goes to a ONT ( Blu-Castle BC-ONT1B ) that "converts" the fiber into RJ45.

    Lucky yours! you are in the best position of all in my Eyes, you don´t need a plastic GEPON or GPON box
    that is also doing SPI/NAT and so you are free to choose any kind of own equipment behind that ONT!

    This RJ45 is connected to my pfSense WAN port with PPPoE authentication.

    Freedom as freedom should be! No hassle with anything you don´t want to drive in front of your pfSense
    box.

    So far so good.

    I see it also, and I want not do any change at this construct!

    As I have some free SFP connectors in my pfSense box, I would like to "eliminate" the ONT and connect the fiber directly to my pfSense box.

    That is pending more on the side of your ISP and not on yours! Do you know what he is using really?
    Active or passive network is not the same, and if this might be so easy do you think that your ISP
    will not be providing you with a cheaper to get and provide or cheaper to install Finisar SFP EPON
    UNO unit? I am pretty sure that every IPS will do so if it is more easy to stich that in and go away.

    Is it possible to do that? Can someone point me in the right direction?

    No one of us will be able to say this or that will matching for you. If your ISP is driving a
    mixed network of active and passive running ONTs according to the distances to his
    customers points of presence (POP) because this can be different from one to another.

    Only your ISP is able to tell you that really!
    Please watch out that equipment here from Finisar and ask your ISP this will be matching well
    and then you must get it right working in pfSense or FreeBSD too! Please don´t forget this also.
    Finisar EPON SFP modules






  • @gelcom:

    Thanks for the reply!

    I believe it's easy to get SFP specs to match ONT's specs.

    From an educational point of view how is it possible to configure pfSense to act like this (or any other) ONT?

    As I mentioned, that ONT is very likely the demarcation point between you and the ISP.  It will have functions such as status monitoring, configuration and more that your ISP expects to be there.  You can't replicate that with pfSense or anything else.  It's part of the ISPs network and you just can't remove it.  Also, in many areas, regulations require a demark point, so you're not allowed to remove it.  In my work, I have set up many customers on fibre.  There was always a piece of equipment, owned by the carrier or ISP that was the demark.  There were even 2, where one carrier was providing service for another.  There might also be VLANs or MPLS involved.  That box is an essential part of your connection.  Don't remove it.


Log in to reply